News XHamster In Trouble...

[EddyTheDog]

Actually they are the lead Tech story on the BBC - So they have probably seen a traffic spike...

Porn sites hit by malware hidden in adverts - BBC News

[sandman!]

bad ads are everywhere

[j3rkules]

Sex Messenger from Crack?

[Shap]

https://gfy.com/fucking-around-and-pr...r-youporn.html

i imagine that's what i experienced

[Emil]

Adblock is the shiiiit

[xXXtesy10]

malware.. this just top notch, stand up bro stuff. move along

[mineistaken]

thiefhamster.

[takethebluepill]

No way...Crakrevenue's Sex Messenger the culprit? Boy, that's a surprise. I always thought they were such a fine outstanding company. (Insert sarcasm here).

[xXXtesy10]

Quote:

Originally Posted by takethebluepill

No way...Crakrevenue's Sex Messenger the culprit? Boy, that's a surprise. I always thought they were such a fine outstanding company. (Insert sarcasm here).

outstanding is key choice word there. top notch is better suited

[PornSEO]

Actually there's nothing new in this...

[deonbell]

I was surprised to see a browser locking fake DOJ ransom ware pop-up recently. Sometimes I want to call those 1-800 malware numbers up and ask how much money they are making.

[PaperstreetWinston]

Quote:

Originally Posted by PornSEO

Actually there's nothing new in this...

[ITraffic]

links to sex messenger still seem to work ...

[adultmobile]

Quote:

Originally Posted by takethebluepill

No way...Crakrevenue's Sex Messenger the culprit?

The good part of the article it is: "porn sites are no more dangerous than mainstream ones." and "the top [adult] sites do dedicate a lot of resources to fighting fraud and malware."

No one talks of Crack... If you read this:

https://blog.malwarebytes.org/malver...p-adult-sites/

You see that the ransomware is really served by TrafficHaus:

https://twitter.com/traffichaus
https://www.traffichaus.com/index.php#services
Speaker Shout Out – Mark Bauman | WMA Amsterdam 2015
Q&A With TrafficHaus CEO Mark Bauman - XBIZ.com

The screnshot in article is the one of a ransomware ( https://en.wikipedia.org/wiki/Ransomware ) using paysafecard, often they use bitcoin too. But, in the article they mention SexMessenger, which is an installable download, but not a ramsomware itself for sure. Executable downloads that are not ransomware (unsure if malware, depends what you mean by it), are around since ages for example virtuagirl.com . These installs may do spammy stuff, I don't know, and they sell advertising space in turn to others, but they don't encrypt all your files asking a ransom to pay to get your pc back.

What I suppose it happened there, it is that TrafficHaus guys served the ransomware to explorer users who can be infected, and SexMessenger to others who can't be infected? If this is the case, there is no Crak media involved. But article mentions SexMessenger, so maybe this was crack->SexMessenger guys (which is not crak guys but their french partners) then TrafficHaus then ransomware?

Should Crak, Traffichaus etc. write here and explain what happened, the articles above are misleading at best.

PS: With Google I found this TrafficHaus answer in a forum back in April regarding a previous case:

--
An advertiser advertising within TrafficHaus advertising platform got access to a minute number of impressions, not users, it was a very targeted campaign which is why TrafficHaus and malwarebytes picked it up. The access was .001% of the total traffic served per day on Xhamster. This was a minor attack which we caught very early and it most likely did not affect any users.

The company responsible is a media buying company that purports their own system, called TrafficInside.Me (http://trafficinside.me/) They claimed they were hacked, but we don't buy it. Luckily we caught it WELL before any damage could be done and so did Malwarebytes and removed it completely from the site before any damage was done. We've had 0 Reports from any users on XHamster being hit with the virus, and it would be hard pressed for you to find a single user out there with proof that they've ever been affected by Xhamster in this way, as we work diligently to keep the site clean.

They were doing very browser specific targeting. The systems we utilize currently are still unable to detect the Angler exploit, 2 anti virus scanning systems as well as all the top antivirus programs using VMware. This advertiser was activated Friday January 24th and taken down saturday January 25th. The ads in question received a total of 100k impressions, so the exposure was very very minimal, not even a tenth of a tenth of a tenth of the audience population as the advertiser was still on restricted access through our normal protocols to combat malware.

We are seeking stronger systems in detecting the Angler exploit kit in a more proactive fashion, we reached out to malwarebytes in the past without any support to help combat, so we renew our request to combat this rather than talking about this.
It was able to to get around our repeated scans, although the advertiser did provide all the necessary documents and went through our normal protocols.
As you may be aware the top antivirus and detection systems do not catch this exploit, so it is very manual on our part as well as malwarebytes.

We believe that through cooperation and teamwork to prevent these intrusions, Xhamster, TrafficHaus, and Malwarebytes can make the ecosystem of adult internet sites safer and more secure. We hope we hear from Malwarebytes soon as we've requested to work together for some time now. Perhaps your next release can be about how we combat this type of advertising daily, and about Malwarebytes joining that fight.

Hope you navigate your favorite adult channel safely.
--

[xXXtesy10]

traffichaus think adult police now? stupid fucks

[CaptainHowdy]

Don't visit Xhamster ...

[EliteWebmaster]

The sheer number of copyright infringement videos on xhamster is astounding. Good grief, no wonder porn is dying. Companies are not doing enough to protect their stuff from being stolen. AdultCyberPolice proprietary software in it's brief time on the site noticed so many violations of pirated videos, it's amazing they can get away with it and no one does anything to stop them.

[Best-In-BC]

WOW, old malware problem, at least 2 years, there's new stuff that is much less damaging but more annoying now. Just a little late on the report.

[AdultKing]

Quote:

Originally Posted by EliteWebmaster

The sheer number of copyright infringement videos on xhamster is astounding. Good grief, no wonder porn is dying. Companies are not doing enough to protect their stuff from being stolen.

How do you know this ? What basis can be made for your claim ?

There are only a total of 2003 takedown requests issued to Google on XHamster.com.

Around 50 per week.

Copyright Removal Requests ? Google Transparency Report

Obviously more would be issued directly to XHamster but you also do not know how much content this site has licensed.

The large tubes license huge volumes of content, much more than you can imagine.

I'm not saying XHamster are totally clean, but I think most people over estimate the level of infringement on most of the big tubes that do license huge amounts of content.

Quote:

AdultCyberPolice proprietary software in it's brief time on the site noticed so many violations of pirated videos.

It's obvious to me that you have no clue. Perhaps you should rewrite your "proprietary software" as you cannot detect infringement without knowing what is being infringed and I seriously doubt all of the studios and producers have given you fingerprints and title/production information on all their content.


[btw- your sig is too big]

[poncabare]

Interesting read

[bns666]

what about JesusDialer? is that still alive?

[NaughtyAce]

Quote:

Originally Posted by jerkules

Sex Messenger from Crack?

Crak actually had nothing to do with this, and the code was just placed next to theirs, not actually coming from their code.
At this point, all attack attempts have been blocked, and they were blocked within 24 hours. We have established that there was a hack attempt on TrafficHaus, and not Xhamster. We believe that Xhamster is being unfairly targeted here as well as sex messenger app. The hacker made attempts to make it appear as if it was coming from messenger app and xhamster, but placing their code next to their ad unit in our system. Neither companies had anything to do with the attempt. Xhamster was pivotal in helping us catch the intrusion as well as information from their users. The attack was initially detected by a user complaint via Xhamster which were quickly acted upon to prevent further spread of the attempted malware attack. Our system flagged several attack attempts days before and do to the large audience of our clients and our ads we are of course a large target for these malicious attacks. All previous attempts were prevented, however this final attempt was not detected until after the malware had made it into the system, but was immediately blocked when made aware in less than 24 hours.

We have reviewed the logs, IPs, and accounts related to the malware injections. We are still investigating, and will update if we find out anything more. For now, it looks like the initial intrusion was via a user account hack in the czech republic and a Tor Exit Router in the US. We have the injection logged from a CZ IP Address (89.187.142.208) so we know it is related to the same incident as it corresponds with our change logs. When the hacker gained access to a password to one of our admin accounts, they injected that cookiecheck.js file into the advertiser?s creative on our side, making it look like it?s from the advertiser in attempts to make it more difficult to follow.
We believe the attack vector was unsecure wifi, as we had recently attended a conference in the Czech Republic.
We purged this from our system immediately upon finding it and it has been down since yesterday morning.

As Malwarebytes themselves and many tech blogs have said, we are more secure and more proactive at fighting malware than other systems on the internet. Xhamster and other pornsites we work with are not more dangerous than yahoo who was recently attacked as well or other sites. As they said we do allocate a lot of resources to fighting fraud and malware and more than most. We believe the shock value is just higher given the nature of the content:
?Segura told TechWeekEurope he didn?t think porn sites were necessarily more dangerous to visit than others with regards to this type of attack.
?There?s this idea that adult sites are more dangerous to visit than ?regular? sites,? he said. ?I don?t believe it?s entirely true especially for the top sites because they do dedicate a lot of resources to fighting fraud and malware. Based on what we have seen in the past months as far as malvertising goes, we have seen just as many top mainstream publishers as pornographic ones.??
Read more at TechWeekEurope UK | Enhancing business with technology - in association with eweek.com

Currently TrafficHaus has a 2 factor authentication system which requires an SMS in order to log into an account. The IP location may have been the fault in allowing the user to bipass so we are adding on a secondary flag layer even if the IP is authorized. In addition we also have RiskIQ and GeoEdge simultaneously scanning all ads and creatives, and our own proprietary scans and business methodologies for catching and removing exploits. In addition to that we have revamped our SMS authentication system to add additional layers to users when logging in, and another layer of secondary notification restrictions when ads are approved and code is pushed live to ad units. We have scans for user activity to isolate any intrusions. Furthermore we work directly with malwarebytes and other adtech pioneers in the space that are helping to prevent the spread of these malicious software and thank them for their help.

For now, we purged this from our system immediately upon finding it and it has been down since late in the evening of the 24th of September, early morning the 25th. Xhamster and our other partners number 1 concern is their users, their user experience, and delivering the best possible experience to them. We believe that is tarnished when news articles are released post these sort of one off situations after attacks have been blocked and solutions have been implemented. We will continue to work with them and other leaders in the adult space to prevent and eradicate these types of attacks and preserve a safe browsing experience for all.

[Matyko]

OK, so this fucks only those who are browsing with Internet Explorer? Why should anyone use that pile of shit?

[incredibleworkethic]

Quote:

Originally Posted by Matyko

OK, so this fucks only those who are browsing with Internet Explorer? Why should anyone use that pile of shit?

Saw this kind of popup on Chrome before .

[Marshal]

Quote:

Originally Posted by adultmobile

The good part of the article it is: "porn sites are no more dangerous than mainstream ones." and "the top [adult] sites do dedicate a lot of resources to fighting fraud and malware."

No one talks of Crack... If you read this:

https://blog.malwarebytes.org/malver...p-adult-sites/

You see that the ransomware is really served by TrafficHaus:

https://twitter.com/traffichaus
https://www.traffichaus.com/index.php#services
Speaker Shout Out ? Mark Bauman | WMA Amsterdam 2015
Q&A With TrafficHaus CEO Mark Bauman - XBIZ.com

The screnshot in article is the one of a ransomware ( https://en.wikipedia.org/wiki/Ransomware ) using paysafecard, often they use bitcoin too. But, in the article they mention SexMessenger, which is an installable download, but not a ramsomware itself for sure. Executable downloads that are not ransomware (unsure if malware, depends what you mean by it), are around since ages for example virtuagirl.com . These installs may do spammy stuff, I don't know, and they sell advertising space in turn to others, but they don't encrypt all your files asking a ransom to pay to get your pc back.

What I suppose it happened there, it is that TrafficHaus guys served the ransomware to explorer users who can be infected, and SexMessenger to others who can't be infected? If this is the case, there is no Crak media involved. But article mentions SexMessenger, so maybe this was crack->SexMessenger guys (which is not crak guys but their french partners) then TrafficHaus then ransomware?

Should Crak, Traffichaus etc. write here and explain what happened, the articles above are misleading at best.

PS: With Google I found this TrafficHaus answer in a forum back in April regarding a previous case:

--
An advertiser advertising within TrafficHaus advertising platform got access to a minute number of impressions, not users, it was a very targeted campaign which is why TrafficHaus and malwarebytes picked it up. The access was .001% of the total traffic served per day on Xhamster. This was a minor attack which we caught very early and it most likely did not affect any users.

The company responsible is a media buying company that purports their own system, called TrafficInside.Me (http://trafficinside.me/) They claimed they were hacked, but we don't buy it. Luckily we caught it WELL before any damage could be done and so did Malwarebytes and removed it completely from the site before any damage was done. We've had 0 Reports from any users on XHamster being hit with the virus, and it would be hard pressed for you to find a single user out there with proof that they've ever been affected by Xhamster in this way, as we work diligently to keep the site clean.

They were doing very browser specific targeting. The systems we utilize currently are still unable to detect the Angler exploit, 2 anti virus scanning systems as well as all the top antivirus programs using VMware. This advertiser was activated Friday January 24th and taken down saturday January 25th. The ads in question received a total of 100k impressions, so the exposure was very very minimal, not even a tenth of a tenth of a tenth of the audience population as the advertiser was still on restricted access through our normal protocols to combat malware.

We are seeking stronger systems in detecting the Angler exploit kit in a more proactive fashion, we reached out to malwarebytes in the past without any support to help combat, so we renew our request to combat this rather than talking about this.
It was able to to get around our repeated scans, although the advertiser did provide all the necessary documents and went through our normal protocols.
As you may be aware the top antivirus and detection systems do not catch this exploit, so it is very manual on our part as well as malwarebytes.

We believe that through cooperation and teamwork to prevent these intrusions, Xhamster, TrafficHaus, and Malwarebytes can make the ecosystem of adult internet sites safer and more secure. We hope we hear from Malwarebytes soon as we've requested to work together for some time now. Perhaps your next release can be about how we combat this type of advertising daily, and about Malwarebytes joining that fight.

Hope you navigate your favorite adult channel safely.
--

Mark is a stand up guy, so I wouldn't doubt they have already fixed the problem.

[EliteWebmaster]

Quote:

Originally Posted by AdultKing

How do you know this ? What basis can be made for your claim ?

There are only a total of 2003 takedown requests issued to Google on XHamster.com.

Around 50 per week.

Copyright Removal Requests ? Google Transparency Report

Obviously more would be issued directly to XHamster but you also do not know how much content this site has licensed.

The large tubes license huge volumes of content, much more than you can imagine.

I'm not saying XHamster are totally clean, but I think most people over estimate the level of infringement on most of the big tubes that do license huge amounts of content.





It's obvious to me that you have no clue. Perhaps you should rewrite your "proprietary software" as you cannot detect infringement without knowing what is being infringed and I seriously doubt all of the studios and producers have given you fingerprints and title/production information on all their content.


[btw- your sig is too big]

You have no clue AdultKing, the only thing you are good at is selling out. You seem a bit defensive about Xhamster. Did you sell out to them too?


Oh yeah I bet Xhamster legitimately has full tube rights for these full length movies below that AdultCyberPolice picked up in a matter of minutes. AK you are a fucking retard.

Car Wash (Vivid) Sefani Morgan
Teen: Teen HD Porn Video - xHamster

Pirates (Digital Playground) Jesse Jane
Pirates 1: Free Hardcore & Blowjob Porn Video - xHamster

Life of Riley (Wicked) Kaylani Lei
The Life of Riley - Kaylani Lei, Free HD Porn: xHamster

Cooking with Kayden (Digital Playground) Kayden Kross
Cooking with Kayden Kross, Free Pornstar Porn: xHamster

Big Wet Butts 7 (Brazzers) Misc
http://xhamster.com/movies/1292552/b...ss_part_1.html

Slick Ass Girls (3rd Degree Films) Misc
http://xhamster.com/movies/2198848/o...n_party_4.html

Janine Loves Jenna (Club Jenna) Jenna Jameson
http://xhamster.com/movies/3425795/j...jenna_cd2.html

Lex Steele XXX (Mercenary Pictures) Lex Steele
http://xhamster.com/movies/2788744/l...xx_10_cd1.html

[xxx6live]

I just got the paysafe demand on xhamster in chrome this very moment, checking out the movie links above. Had to close the browser via task manager.

[adultmobile]

Quote:

Originally Posted by xxx6live

I just got the paysafe demand on xhamster in chrome this very moment, checking out the movie links above. Had to close the browser via task manager.

You sure? TraffiHaus guy said this is fixed.

[xXXtesy10]

Quote:

Originally Posted by Marshal

Mark is a stand up guy, so I wouldn't doubt they have already fixed the problem.

you're a fuckstick

[xXXtesy10]

Quote:

Originally Posted by adultmobile

You sure? TraffiHaus guy said this is fixed.

who elect these idiots adult police?

[Crak_Eric]

Quote:

Originally Posted by NaughtyAce

Crak actually had nothing to do with this, and the code was just placed next to theirs, not actually coming from their code.

Thank you Mark, for the very thorough, detailed reply on this.

This is correct. Sex Messenger IS NOT - and HAS NEVER BEEN malware.

None of the links or offers at Crak contain malware or anything malicious. If anyone says otherwise it's simply not true.

[NaughtyAce]

Quote:

Originally Posted by xXXtesy10

traffichaus think adult police now? stupid fucks

Someones got to do it, so step it up and help or get out the way.

[NaughtyAce]

Quote:

Originally Posted by Marshal

Mark is a stand up guy, so I wouldn't doubt they have already fixed the problem.

Thanks Marshal, look 2 replies up, we estimate this affected users for about 9-12 hours, we had 7 complaints in that time, and that was the extent that we are aware of.
We resolved this very quickly thanks to XHamster, and proactiveness with their users.
So we are going to be offering a reward to users in the past and future for relaying this information more quickly.

[NaughtyAce]

Quote:

Originally Posted by xXXtesy10

who elect these idiots adult police?

Sounds like you're hating on our company, our publishers elected us adult police when we have to implement multiple systems to prevent and mitigate their exposure from these pieces of crap out there. That's who.

[xxx6live]

Quote:

Originally Posted by adultmobile

You sure? TraffiHaus guy said this is fixed.

Yes, but this one looked like a fake ransom ware, pop-up scam locking the browser window (not actually downloading real malware as the one TrafficHous talked about). I hope.

Still it cannot be good for business.

[xXXtesy10]

Quote:

Originally Posted by NaughtyAce

Someones got to do it, so step it up and help or get out the way.

youfucking idiot, nobody elect you king

[xXXtesy10]

Quote:

Originally Posted by NaughtyAce

Sounds like you're hating on our company, our publishers elected us adult police when we have to implement multiple systems to prevent and mitigate their exposure from these pieces of crap out there. That's who.

so what? you are not police now go fuck yourself

[Jamie Gardner]

Quote:

Originally Posted by AdultKing

How do you know this ? What basis can be made for your claim ?

There are only a total of 2003 takedown requests issued to Google on XHamster.com.

Around 50 per week.

Copyright Removal Requests ? Google Transparency Report

Obviously more would be issued directly to XHamster but you also do not know how much content this site has licensed.

The large tubes license huge volumes of content, much more than you can imagine.

I'm not saying XHamster are totally clean, but I think most people over estimate the level of infringement on most of the big tubes that do license huge amounts of content.

I don't think a company like VCX would authorize entire movies to be on xhamster. Right now, VCX's Debbie Does Dallas and The Legend of Lady Blue are on the website. There is a difference between a company putting up scenes that are 12 minutes or less, on their tube channels, and a entire movie being
on a website. I believe that the reason there is not more takedown notices is that anti-piracy organizations are not finding all the unauthorized videos. One of the things that hurts anti-piracy efforts is that xhamster will not allow watermarks for videos that are not put up by a porn company. The uploaders then either crop out the watermark or blur the watermark. If someone working for a anti-piracy organization doesn't have the same level of knowledge as I do at identifying videos, they may not know what movie the video came from.

[takethebluepill]

So let me get this straight. BBC news, a company with more lawyers then a circus vw filled with clowns, very likely passes this story through aforementioned army of lawyers to make sure that they are not opening themselves up to a defamation suit or other legal action. Then, satisfied that this story passes legal muster, publishes this story that points the finger directly at Sex Messenger.

But, the representatives from Sex Messenger post on GFY that it is not them. I don't know. If it walks like a duck and quacks like a duck...well you know...

[rayadp05]

I log into xHamster quite frequently and never saw anything like this. Although, I do have security software installed and I do not use Internet Explorer either.

[adultmobile]

Quote:

Originally Posted by takethebluepill

So let me get this straight. BBC news, a company with more lawyers then a circus vw filled with clowns, very likely passes this story through aforementioned army of lawyers to make sure that they are not opening themselves up to a defamation suit or other legal action. Then, satisfied that this story passes legal muster, publishes this story that points the finger directly at Sex Messenger.

But, the representatives from Sex Messenger post on GFY that it is not them. I don't know. If it walks like a duck and quacks like a duck...well you know...

Probably since this is about a porn site the BBC don't even cared to ask the lawyer or check themselves. They assume porn sites are all illegal guys in first place who can't sue anyone.

[Beaver1]

Quote:

Originally Posted by xXXtesy10

malware.. this just top notch, stand up bro stuff. move along

I hope the officials have enough mankind, to go behind the scene.
And didnt just hit the top notch again.

[PAR]

Quote:

Originally Posted by xXXtesy10

so what? you are not police now go fuck yourself

So would you rather that they did nothing?
Just let ad-buyers fill their system with malware, have it spread across all their publishers site to the end user?

Or would you rather that they take the responsibility to keep their system as clean as possible of malware ads?

After all, it is not only up to each ad network to do what they can to keep their system as clean as possible of malware, but also their responsibility to the publishing sites and to not cause harm to the publishers end-user base.

The only people I can see that would be upset by ad networks putting time, energy, resources and money into this would be those trying to benefit from malware. As they are the only ones negatively impacted by networks trying to keep malware from spreading out of their system.

As to the point of who elected them (or any ad network), nobody had to, after all it is their system to protect.

I'd be more worried about the networks that do not do such checks, than the ones that do.

[fuzebox]

Quote:

Originally Posted by PAR

So would you rather that they did nothing?
Just let ad-buyers fill their system with malware, have it spread across all their publishers site to the end user?

Or would you rather that they take the responsibility to keep their system as clean as possible of malware ads?

After all, it is not only up to each ad network to do what they can to keep their system as clean as possible of malware, but also their responsibility to the publishing sites and to not cause harm to the publishers end-user base.

The only people I can see that would be upset by ad networks putting time, energy, resources and money into this would be those trying to benefit from malware. As they are the only ones negatively impacted by networks trying to keep malware from spreading out of their system.

As to the point of who elected them (or any ad network), nobody had to, after all it is their system to protect.

I'd be more worried about the networks that do not do such checks, than the ones that do.

Come on, don't waste time arguing with nobodies